It’s New Year’s Eve, which means only one thing – Competition Time. Are you going out for drinks with friends, partying at home or just relaxing and chilling? Share your New Years Eve Selfie for a chance of wining £50. Use your mobile to snap a memory and the best snap will win this fab prize? If you are interested in entering our competition all you need to do is the following: Facebook: Like our page and upload a picture of your NYE Selfie. Share the post with at least one person. It’s that simple! We’ll pick one winner on Tuesday 2nd January 2018. And don’t forget this competition is open to everyone with a broken phone, so feel free to share and let your friends know too! What happens next: We will pick one winner with what we consider to be the the Best New Years Eve Selfie. Winners will need to like or be following us at the time of the prize draw to be eligible for the prize. The Legal Stuff 1. The promoter is: iMend.com, whose registered office is at iMend.com, Spear House, Burntwood, Staffordshire, WS7 3GL, United Kingdom. Employees of iMend or anyone else connected in any way with iMend.com, the competition or helping to set up the competition shall not be permitted to enter the competition. 2. There is no entry fee and no purchase necessary to enter this competition. 3. Closing date and time for entry will be the 1st January 2018 at 5pm PDT. After this date, no further entries to the competition will be permitted. 4. No responsibility can be accepted for entries not received for whatever reason. 5. The rules of the competition and the prize for each winner are as follows: 6. Prize: One Amazon Voucher worth £50. Once the winner is chosen, the iMend team will contact him/her and ask them to send their contact details to so the iMend team can proceed with the repair. 7. iMend.com reserve the right to cancel or amend the competition and these terms and conditions. 8. The promoter is not responsible for inaccurate prize details supplied to any entrant by any third party connected with this competition. 9. No cash alternative to the prize will be offered. The prize is not transferable. Prize is subject to availability and we reserve the right to substitute any prize with another of equivalent value without giving notice. 10. Winners must be a UK resident and will be chosen at 5pm on 2nd January 2018 by iMend management from all entries received and verified by Promoter and or its agents. 11. The winner will be notified by social media on 2nd January. If the winner cannot be contacted or does not claim the prize within a further 7 days of the notification, we reserve the right to withdraw the prize from the winner and pick a replacement winner. 12. The promoter’s decision in respect of all matters to do with the competition will be final and no correspondence will be entered into. 13. By entering this competition, an entrant is indicating his/her agreement to be bound by these terms and conditions. 14. The competition and these terms and conditions will be governed by English law and any disputes will be subject to the exclusive jurisdiction of the courts of England. 15. The winner agrees to the use of his/her name and image in any publicity material. Any personal data relating to the winner or any other entrants will be used solely in accordance with current UK data protection legislation and will not be disclosed to a third party without the entrant’s prior consent. 16. Entry into the competition will be deemed as acceptance of these terms and conditions. 17. This promotion is in no way sponsored, endorsed or administered by, or associated with, Facebook, Twitter or any other Social Network. You are providing your information to iMend and not to any other party. The information provided will be used in conjunction with the following Privacy Policy found at http://www.imend.com The post New Year’s Eve Selfie Competition appeared first on iMend Blog. from https://www.imend.com/blog/new-years-eve-selfie-competition/
0 Comments
A 28-year-old Kansas man was shot and killed by police officers on the evening of Dec. 28 after someone fraudulently reported a hostage situation ongoing at his home. The false report was the latest in a dangerous hoax known as “swatting,” wherein the perpetrator falsely reports a dangerous situation at an address with the goal of prompting authorities to respond to that address with deadly force. This particular swatting reportedly originated over a $1.50 wagered match in the online game Call of Duty. Compounding the tragedy is that the man killed was an innocent party who had no part in the dispute. The following is an analysis of what is known so far about the incident, as well as a brief interview with the alleged and self-professed perpetrator of this crime. It appears that the dispute and subsequent taunting originated on Twitter. One of the parties to that dispute — allegedly using the Twitter handle “SWauTistic” — threatened to swat another user who goes by the nickname “7aLeNT“. @7aLeNT dared someone to swat him, but then tweeted an address that was not his own. Swautistic responded by falsely reporting to the Kansas police a domestic dispute at the address 7aLenT posted, telling the authorities that one person had already been murdered there and that several family members were being held hostage. A story in the Wichita Eagle says officers responded the 1000 block of McCormick and got into position, preparing for a hostage situation.
Not long after that, Swautistic could be seen on Twitter saying he could see on television that the police had fallen for his swatting attack. When it became apparent that a man had been killed as a result of the swatting, Swautistic tweeted that he didn’t get anyone killed because he didn’t pull the trigger (see image above). Swautistic soon changed his Twitter handle to @GoredTutor36, but KrebsOnSecurity managed to obtain several weeks’ worth of tweets from Swautistic before his account was renamed. Those tweets indicate that Swautistic is a serial swatter — meaning he has claimed responsibility for a number of other recent false reports to the police. Among the recent hoaxes he’s taken credit for include a false report of a bomb threat at the U.S. Federal Communications Commission (FCC) that disrupted a high-profile public meeting on the net neutrality debate. Swautistic also has claimed responsibility for a hoax bomb threat that forced the evacuation of the Dallas Convention Center, and another bomb threat at a high school in Panama City, Fla, among others. After tweeting about the incident extensively this afternoon, KrebsOnSecurity was contacted by someone in control of the @GoredTutor36 Twitter account. GoredTutor36 said he’s been the victim of swatting attempts himself, and that this was the reason he decided to start swatting others. He said the thrill of it “comes from having to hide from police via net connections.” Asked about the FCC incident, @GoredTutor36 acknowledged it was his bomb threat. “Yep. Raped em,” he wrote. “Bomb threats are more fun and cooler than swats in my opinion and I should have just stuck to that,” he wrote. “But I began making $ doing some swat requests.” Asked whether he feels remorse about the Kansas man’s death, he responded “of course I do.” But evidently not enough to make him turn himself in. “I won’t disclose my identity until it happens on its own,” the user said in a long series of direct messages on Twitter. “People will eventually (most likely those who know me) tell me to turn myself in or something. I can’t do that; though I know its [sic] morally right. I’m too scared admittedly.” ANALYSISAs a victim of my own swatting attack back in 2013, I’ve been horrified to watch these crimes only increase in frequency ever since — usually with little or no repercussions on the part of the person or persons involved in setting the schemes in motion. Given that the apparent perpetrator of this crime seems eager for media attention, it seems likely he will be apprehended soon. My guess is that he is a minor and will be treated with kid gloves as a result, although I hope I’m wrong on both counts. Let me be crystal clear on a couple of points. First off, there is no question that police officers and first responders across the country need a great deal more training to bring the number of police shootings way down. That is undoubtedly a giant contributor to the swatting epidemic. Also, all police officers and dispatchers need to be trained on what swatting is, how to spot the signs of a hoax, and how to minimize the risk of anyone getting harmed when responding to reports about hostage situations or bomb threats. Finally, officers of the peace who are sworn to protect and serve should use deadly force only in situations where there is a clear and immediate threat. Those who jump the gun need to be held accountable as well. But that kind of reform isn’t going to happen overnight. Meanwhile, knowingly and falsely making a police report that results in a SWAT unit or else heavily armed police response at an address is an invitation for someone to get badly hurt or killed. These are high-pressure situations and in most cases — as in this incident — the person opening the door has no idea what’s going on. Heaven protect everyone at the scene if the object of the swatting attack is someone who is already heavily armed and confused enough about the situation to shoot anything that comes near his door. In some states, filing a false police report is just a misdemeanor and is mainly punishable by fines. However, in other jurisdictions filing a false police report is a felony, and I’m afraid it’s long past time for these false reports about dangerous situations to become a felony offense in every state. Here’s why. If making a fraudulent report about a hostage situation or bomb threat is a felony, then if anyone dies as a result of that phony report they can legally then be charged with felony murder. Under the doctrine of felony murder, when an offender causes the death of another (regardless of intent) in the commission of a dangerous crime, he or she is guilty of murder. Too often, however, the perpetrators of these crimes are minors, and even when they’re caught they are frequently given a slap on the wrist. Swatting needs to stop, and unfortunately as long as there are few consequences for swatting someone, it will continue to be a potentially deadly means for gaining e-fame and for settling childish and pointless ego squabbles. from https://krebsonsecurity.com/2017/12/kansas-man-killed-in-swatting-attack/ Eight years ago today I set aside my Washington Post press badge and became an independent here at KrebsOnSecurity.com. What a wild ride it has been. Thank you all, Dear Readers, for sticking with me and for helping to build a terrific community. This past year KrebsOnSecurity published nearly 160 stories, generating more than 11,000 reader comments. The pace of publications here slowed down in 2017, but then again I have been trying to focus on quality over quantity, and many of these stories took weeks or months to report and write. As always, a big Thank You to readers who sent in tips and personal experiences that helped spark stories here. For anyone who wishes to get in touch, I can always be reached via this site’s contact form, or via email at krebsonsecurity @ gmail dot com. Here are some other ways to reach out: via Wickr at “krebswickr” Protonmail: krebsonsecurity at protonmail dot com Below are the Top 10 most-read stories of 2017, as decided by views and sorted in reverse chronological order: The Market for Stolen Account Credentials Phishers are Upping Their Game: So Should You Equifax Breach Fallout: Your Salary History USPS’ Informed Delivery is a Stalker’s Dream The Equifax Breach: What You Should Know Got Robocalled? Don’t Get Mad, Get Busy Why So Many Top Hackers Hail from Russia Post-FCC Privacy Rules: Should You VPN? If Your iPhone is Stolen, These Guys May Try to iPhish You Who is Anna-Senpai, the Mirai Worm Author? from https://krebsonsecurity.com/2017/12/happy-8th-birthday-krebsonsecurity/ Dec. 18 marked the fourth anniversary of this site breaking the news about a breach at Target involving some 40 million customer credit and debit cards. It has been fascinating in the years since that epic intrusion to see how organized cyber thieves have shifted from targeting big box retailers to hacking a broad swath of small to mid-sized merchants. In many ways, not much has changed: The biggest underground shops that sell stolen cards still index most of their cards by ZIP code. Only, the ZIP code corresponds not to the legitimate cardholder’s billing address but to the address of the hacked store at which the card in question was physically swiped (the reason for this is that buyers of these cards tend to prefer cards used by people who live in their geographic area, as the subsequent fraudulent use of those cards tends to set off fewer alarm bells at the issuing bank). Last week I was researching a story published here this week on how a steep increase in transaction fees associated with Bitcoin is causing many carding shops to recommend alternate virtual currencies like Litecoin. And I noticed that popular carding store Joker’s Stash had just posted a new batch of cards dubbed “Dynamittte,” which boasted some 7 million cards advertised as “100 percent” valid — meaning the cards were so fresh that even the major credit card issuers probably didn’t yet know which retail or restaurant breach caused this particular breach. Translation: These stolen cards were far more likely to still be active and useable after fraudsters encode the account numbers onto fake plastic and use the counterfeits to go shopping in big box stores. I pinged a couple of sources who track when huge new batches of stolen cards hit the market, and both said the test cards they’d purchased from the Joker’s Stash Dynamittte batch mapped back to customers who all had one thing in common: They’d all recently eaten at a Jason’s Deli location. Jason’s Deli is a fast casual restaurant chain based in Beaumont, Texas, with approximately 266 locations in 28 states. Seeking additional evidence as to the source of the breach, I turned to the Jason’s Deli Web site and scraped the ZIP codes for their various stores across the country. Then I began comparing those ZIPs with the ZIPs tied to this new Dynamittte batch of cards at Joker’s Stash. Checking my work were the folks at Mindwise.io, a threat intelligence startup in California that monitors Dark Web marketplaces and tries to extract useful information from them. Mindwise found a nearly 100 percent overlap between the ZIP codes on the “Blasttt-US” unit of the Dynamittte cards for sale and the ZIP codes for Jason’s Deli locations. Reached for comment, Jason’s Deli released the following statement:
It’s important to note that the apparent breach at Jason’s Deli almost certainly does not correspond to 7 million cards; typically, carding shop owners will mix cards stolen from multiple breaches into one much larger batch (Dynamittte), and often further subdivide the cards by region (US vs. European cards). As run-of-the-mill as these card breaches have become, it’s still remarkable even in smaller batches of cards like those apparently stolen from Jason’s Deli customers just how many financial institutions are impacted with each breach. Mindwise said it was comfortable concluding that at least 170,000 of the cards for put up for sale this past week on Joker’s Stash map back to Jason’s Deli locations. That may seem like a drop in the bucket compared to the 40 million cards that thieves hauled away from Target four years ago, but the cards stolen from Jason’s Deli customers were issued by more than 250 banks and credit unions, most of which will adopt differing strategies on how to manage fraud on those cards. In other words, by moving down the food chain to smaller but far more plentiful and probably less secure merchants (either by choice or because the larger stores became a harder target) — and by mixing cards stolen from multiple breaches — the fraudsters have made it less likely that breaches at chain stores will be detected and remediated quickly, thereby prolonging the value and use of the stolen cards put up for sale in underground marketplaces. All that said, it’s really not worth it to spend time worrying about where your card number may have been breached, since it’s almost always impossible to say for sure and because it’s common for the same card to be breached at multiple establishments during the same time period. Just remember that although consumers are not liable for fraudulent charges, it may still fall to you the consumer to spot and report any suspicious charges. So keep a close eye on your statements, and consider signing up for text message notifications of new charges if your card issuer offers this service. Most of these services also can be set to alert you if you’re about to miss an upcoming payment, so they can also be handy for avoiding late fees and other costly charges. Related reading (i.e., other breach stories confirmed with ZIP code analysis): Breach at Sonic Drive-in May Have Impacted Millions of Credit, Debit Cards Zip Codes Show Extent of Sally Beauty Breach Data: Nearly All U.S. Home Depot Stores Hit Cards Stolen in Target Breach Flood Underground Markets from https://krebsonsecurity.com/2017/12/4-years-after-target-the-little-guy-is-the-target/
With the New Year nearly upon us, it’s time to reflect on all of the moments and memories that have been treasured over the past 12-months. iMend.com would like to thank all of it’s customers for using our service throughout the year. To say thank you, we are offering a 10% End Of Year discount on both mail-in and call-out repairs across all devices. This offer will be running for 72 hours, from Thursday 28th December to midnight on Saturday 30th December. How the discount works!1. Head over to our mail-in or book a repair section of the site where you can select the phone you want repairing along with the type of issue that your phone has. 2. You will then need to add the repair to your cart. 3. When you come to checking out your repair, you will be given an option on the Order Summary page to enter your discount code. 4.The Voucher Code you will need at checkout is END10 You can also call our customer service team on 0333 014 4262 and give them the code and they will place for you. Terms and conditions:
If you would like to book your repair please do not hesitate to get in contact with a member of our customer service team on 0333 014 4262. iMend.com would like to wish you a Merry Christmas and a Happy New Year! The post End Of Year Sale at iMend.com appeared first on iMend Blog. from https://www.imend.com/blog/end-of-year-sale-at-imend-com/ Critics of unregulated virtual currencies like Bitcoin have long argued that the core utility of these payment systems lies in facilitating illicit commerce, such as buying drugs or stolen credit cards and identities. But recent spikes in the price of Bitcoin — and the fees associated with moving funds into and out of it — have conspired to make Bitcoin a less useful and desirable payment method for many crooks engaged in these activities. Bitcoin’s creator(s) envisioned a currency that could far more quickly and cheaply facilitate payments, with tiny transaction fees compared to other, more established and regulated forms of payment (such as credit cards). And indeed, until the beginning of 2017 those fees were well below $1, frequently less than 10 cents per transaction. But as the price of Bitcoin has soared over the past few months to more than $15,000 per coin, so have the Bitcoin fees per transaction. This has made Bitcoin far less attractive for conducting small-dollar transactions (for more on this shift, see this Dec. 19 story from Ars Technica). As a result, several major underground markets that traffic in stolen digital goods are now urging customers to deposit funds in alternative virtual currencies, such as Litecoin. Those who continue to pay for these commodities in Bitcoin not only face far higher fees, but also are held to higher minimum deposit amounts. “Due to the drastic increase in the Bitcoin price, we faced some difficulties,” reads the welcome message for customers after they log in to Carder’s Paradise, a Dark Web marketplace that KrebsOnSecurity featured in a story last week. “The problem is that we send all your deposited funds to our suppliers which attracts an additional Bitcoin transaction fee (the same fee you pay when you make a deposit),” Carder’s Paradise explains. “Sometimes we have to pay as much as 5$ from every 1$ you deposited.”
The shop continues:
On Carder’s Paradise, the current minimum deposit amount is 0.0066 BTCs, or approximately USD $100. The deposit fee for each transaction is $15.14. That means that anyone who deposits just the minimum amount into this shop is losing more than 15 percent of their deposit in transaction fees. Incredibly, the administrators of Carder’s Paradise apparently received so much pushback from crooks using their service that they decided to lower the price of stolen credit cards to make potential buyers feel better about higher transaction fees. “Our team made a decision to adjust the previous announcement and provide a fair solution for everyone by reducing the credit cards [sic] prices,” the message concludes. Mainstream merchants that accept credit card payments have long griped about the high cost of transaction fees, which average $2.50 to $3.00 on a $100 charge. What’s fascinating about the spike in Bitcoin transaction fees is that crooks could end up paying five times as much in fees just to purchase the same amount in stolen credit card accounts! from https://krebsonsecurity.com/2017/12/skyrocketing-bitcoin-fees-hit-carders-in-wallet/ iMend.com offer a nationwide call-out service that will repair your device at the comfort of your own home or office. We also run one of the biggest repair centres in the heart of England where talented in-house technicians handle some of the most difficult repairs in the industry.
This Sony Xperia X Compact was the victim of an accidental drop, smashing the screen and badly bruising the LCD. Replacing the screen on Sony devices is renowned for being challenging. This device is an extremely complicated piece of kit. When replacing the screen, the phone is completely stripped down and transplanted to a new LCD and frame, a far more complicated repair then that of an iPhone or Samsung. Our top technicians have decided to share their wisdom and show you the detailed process that goes into completing a Sony Xperia X Compact Screen Replacement: Step 1 – Removing The Back Cover Start by heating the back cover on a heat plate. This softens the adhesive and stops you from bending and misshaping the component. Use your picks to ease around the back cover until it comes away from the body. Step 2 – Removing The Back Frame and Camera There are seven screws in the back frame, remove all and place them in a designated area for later. Use your plastic spludger to disconnect the battery connector. Once this is disconnected, proceed with disconnecting both camera and audio connectors. It is now safe to remove the back frame. Use your spludger to remove the front camera from the assembly. Follow the same process for the back camera. Step 3 – Removing The Loudspeaker Remove the screw in the far right corner of the device. Use your spludger to disconnect the vibrating motor connector from the motherboard. The frame for the loudspeaker should now be removable. Step 4 – Removing The Motherboard Disconnect the charging port connector with the spludger. Now use the spludger to raise the motherboard from the assembly. Once the motherboard is raised, disconnect the LCD/touchscreen connectors from the motherboard. It should now be free from the assembly. Step 5 – Applying New LCD/Frame Start by transplanting the home/volume flex onto the the new frame. Use specialised tweezers to disconnect from the previous assembly. Next, transplant the earpiece over to the new LCD/Frame using your plastic spludger. Step 6 – Reattaching Motherboard Reconnect both the LCD and touchscreen connectors. Place the motherboard inside the frame. Be extremely careful, ensure that the charging port and audio jack connector does not get trapped under the motherboard. Both connectors are now safe to connect to the motherboard. Step 7 – Reconnecting The Camera And Audio Jack Connectors Use your plastic spludger to connect your front camera into the motherboard. Do the same for the rear camera. When connecting both cameras, do not press down to hard as this can internally damage these components. Step 8 – Reconnecting The Loudspeaker Push the loudspeaker board back into place. Once in place, use your tweezers to reconnect the vibrating motor’s connector onto the motherboard. Now place the screw back into the designated screw hole. Step 9 – Relocating The Back Frame Place the back frame in the correct position, aligning the screw holes on the back frame and assembly. Lift the battery connector and the camera and audio main flex over the top of the back frame. Place the original screws back into the seven holes located on the frame. You are now able to reconnect the main flex and battery connector. Step 10 – Reapply The Back Cover Carefully place the special adhesive sheet onto the back cover. Slowly press this cover onto the back of the assembly. Ensure that this is done with caution as the back place is prone to misshaping when handled with force. As you can see, a Sony Xperia Screen Replacement is an extremely complicated repair. A repair of this difficulty should always be handled by an experienced technician. Our iTechs are trained to the highest standard through our iMend Training Programme and have vast experience in repairing all mobile phones and tablets. If you are looking to replace your Sony Xperia X Compact Screen, look no further than iMend.com. Click here to view the different type of repairs we offer for Sony devices.
The post Sony Xperia X Compact Screen Replacement appeared first on iMend Blog. from https://www.imend.com/blog/sony-xperia-x-compact-screen-replacement/ A U.K. man who pleaded guilty to launching more than 2,000 cyberattacks against some of the world’s largest companies has avoided jail time for his role in the attacks. The judge in the case reportedly was moved by pleas for leniency that cited the man’s youth at the time of the attacks and a diagnosis of autism. In early July 2017, the West Midlands Police in the U.K. arrested 19-year-old Stockport resident Jack Chappell and charged him with using a now-defunct attack-for-hire service called vDOS to launch attacks against the Web sites of Amazon, BBC, BT, Netflix, T-Mobile, Virgin Media, and Vodafone, between May 1, 2015 and April 30, 2016. Chappell also helped launder money for vDOS, which until its demise in September 2016 was by far the most popular and powerful attack-for-hire service — allowing even completely unskilled Internet users to launch crippling assaults capable of knocking most Web sites offline. Using the Twitter handle @fractal_warrior, Chappell would taunt his victims while launching attacks against them. The tweet below was among several sent to the Jisc Janet educational support network and Manchester College, where Chappell was a student. In total, Chappell attacked his school at least 21 times, prosecutors showed. Chappell was arrested in April 2016 after investigators traced his Internet address to his home in the U.K. For more on the clues that likely led to his arrest, check out this story. Nevertheless, the judge in the case was moved by pleas from Chappell’s lawyer, who argued that his client was just an impressionable youth at the time who has autism, a range of conditions characterized by challenges with social skills, repetitive behaviors, speech and nonverbal communication. The defense called on an expert who reportedly testified that Chappell was “one of the most talented people with a computer he had ever seen.” “He is in some ways as much of a victim, he has been exploited and used,” Chappell’s attorney Stuart Kaufman told the court, according to the Manchester Evening News. “He is not malicious, he is mischievous.” The same publication quoted Judge Maurice Greene at Chappell’s sentencing this week, saying to the young man: “You were undoubtedly taken advantage of by those more criminally sophisticated than yourself. You would be extremely vulnerable in a custodial element.” Judge Greene decided to suspend a sentence of 16 months at a young offenders institution; Chappell will instead “undertake 20 days rehabilitation activity,” although it’s unclear exactly what that will entail. ANALYSIS/RANTIt’s remarkable when someone so willingly and gleefully involved in a crime spree such as this can emerge from it looking like the victim. “Autistic Hacker Had Been Exploited,” declared a headline about the sentence in the U.K. newspaper The Times. After reading the coverage of this case in the press, I half expected to see another story saying someone had pinned a medal on Chappell or offered him a job. Yes, Chappell will have the stain of a criminal conviction on his record, and yes autism can be a very serious and often debilitating illness. Let me be clear: I am not suggesting that offenders like this young man should be tossed in jail with violent criminals. But courts around the world continue to send a clear message that young men essentially can do whatever they like when it comes to DDoS attacks and that there will be no serious consequences as a result. Chappell launched his attacks via vDOS, which provided a simple, point-and-click service that allowed even completely unskilled Internet users to launch massive DDoS attacks. vDOS made more than $600,000 in just two of the four years it was in operation, launching more than 150,000 attacks against thousands of victims (including this site). In September 2016, vDOS was taken offline and its alleged co-creators — two Israeli man who created the business when they were 14 and 15 years old — were arrested and briefly detained by Israeli authorities. But despite assurances that the men (now adults) would be tried for their crimes, neither has been prosecuted. In July 2017, a court in Germany issued a suspended sentence for Daniel Kaye, a 29-year-old man who allegedly launched extortionist DDoS attacks against several bank Web sites. After the source code for the Mirai botnet malware was released in September 2016, Kaye built his own Mirai botnet and used it in several high-profile attacks, including a fumbled assault that knocked out Internet service to more than 900,000 Deutsche Telekom customers. In his trial, Kaye admitted that a customer of his paid him $10,000 to attack the Liberian ISP Lonestar. He’s also thought to have launched DDoS attacks on Lloyds Banking Group and Barclays banks in January 2017. Kaye is now facing related cybercrime charges in the U.K. Last week, the U.S. Justice Department unsealed the cases of two young men in the United States who have pleaded guilty to co-authoring Mirai, an “Internet of Things” (IoT) malware strain that has been used to create dozens of copycat Mirai botnets responsible for countless DDoS attacks over the past 15 months. Jha and his co-defendants in that case launched highly disruptive and extortionist attacks against a number of Web sites and used their creation to conduct lucrative click fraud schemes. Like Chappell, the core author of Mirai — 21-year-old Fanwood, N.J. resident Paras Jha — launched countless DDoS attacks against his school, costing Rutgers University between $3.5 million and $9 million to defend against and clean up after the assaults (the actual damages will be decided at Jha’s sentencing in March 2018). Time will tell if Kaye or Jha and his co-defendants receive any real punishment for their crimes. But I would submit that if we don’t have the stomach to put these “talented young hackers” in jail when they’re ultimately found guilty, perhaps we should consider harnessing their skills in less draconian but still meaningfully punitive ways, such as requiring them to serve several years participating in programs designed to keep other kids from following in their footsteps. Doing anything less smacks of a disservice to justice, glorifies DDoS as an essentially victimless crime, and serves little deterrent that might otherwise make it less likely that we will see fewer such cases going forward. from https://krebsonsecurity.com/2017/12/u-k-man-avoids-jail-time-in-vdos-case/ Prepaid gift cards make popular presents and no-brainer stocking stuffers, but before you purchase one be on the lookout for signs that someone may have tampered with it. A perennial scam that picks up around the holidays involves thieves who pull back and then replace the decals that obscure the card’s redemption code, allowing them to redeem or transfer the card’s balance online after the card is purchased by an unwitting customer. Last week KrebsOnSecurity heard from Colorado reader Flint Gatrell, who reached out after finding that a bunch of Sam’s Club gift cards he pulled off the display rack at Wal-Mart showed signs of compromise. The redemption code was obscured by a watermarked sticker that is supposed to make it obvious if it has been tampered with, and many of the cards he looked at clearly had stickers that had been peeled back and then replaced. “I just identified five fraudulent gift cards on display at my local Wal-Mart,” Gatrell said. “They each had their stickers covering their codes peeled back and replaced. I can only guess that the thieves call the service number to monitor the balances, and try to consume them before the victims can. I’m just glad I thought to check!”
In the picture below, Gatrell is holding up three of the Sam’s Club cards. The top two showed signs of tampering, but the one on the bottom appeared to be intact.
Kevin Morrison, a senior analyst on the retail banking and payments team at market analysis firm Aite Group, said the gift card scheme is not new but that it does tend to increase in frequency around the holidays, when demand for the cards is far higher. “Store employees are instructed to look for abnormalities at the [register] but this happens [more] around the holiday season as attention spans tend to shorten,” he said. “While gift card packaging has improved and some safe-guards put in place, fraudsters look for the weakest link and hit hard when they find one.” Gift cards make great last-minute gifts, but don’t let your guard down in your haste to wrap up your holiday shopping. There are so many variations on the above-described scheme that many stores have taken to keeping gift cards at or behind the register, where cashiers can more easily spot customers trying to tamper with the cards. As a result, stores that take this basic precaution may be the safest place to purchase gift cards. from https://krebsonsecurity.com/2017/12/buyers-beware-of-tampered-gift-cards/ |
ABOUT MEHi my name is Anthony I am 32 years old from Houston. I am working in local store selling electronic devices. I have been interested in eclectronics since childhood and I like to reacd about it. Archives
April 2019
Categories |